RFR: 4964430: (spec) missing IllegalStateException exception requirement for javax.crypto.Cipher.doFinal [v2]
Valerie Peng
valeriep at openjdk.org
Tue Oct 3 00:02:39 UTC 2023
On Mon, 2 Oct 2023 23:01:13 GMT, Ben Perez <duke at openjdk.org> wrote:
> > * Cipher.updateAAD(...) methods also calls checkCipherState(), so its javadoc should be updated as well?
>
> The current documentation for Cipher.updateAAD(...) is:
>
> "@throws IllegalStateException if this {@code Cipher} object is in a wrong state (e.g., has not been initialized), does not accept AAD, or if operating in either GCM or CCM mode and one of the {@code update} methods has already been called for the active encryption/decryption operation"
>
> This seems fairly explicit, but I could change the wording to
>
> "@throws IllegalStateException if this {@code Cipher} object is in a wrong state (e.g., has not been initialized, or is not in ENCRYPT_MODE or DECRYPT_MODE)"
We still need the part of "does not accept AAD, or if operating in either GCM or CCM mode and one of the {@code update} methods has already been called for the active encryption/decryption operation".
-------------
PR Comment: https://git.openjdk.org/jdk/pull/15727#issuecomment-1743939902
More information about the security-dev
mailing list